Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/gmNn8FqWkko3fG0GQ0XGP3H4Dl8.roa
File: gmNn8FqWkko3fG0GQ0XGP3H4Dl8.roa (raw, json)
Hash identifier: 8Rls/0Ker0Z+ENWGM1DUqONd7JG4U2huuxD+Ng/zE00=
Subject key identifier: 82:63:67:F0:5A:96:92:4A:37:7C:6D:06:43:45:C6:3F:71:F8:0E:5F
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01868D3571B2E0E2876ABD9953CA29FBB48A
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/gmNn8FqWkko3fG0GQ0XGP3H4Dl8.roa
Signing time: Sun 26 Feb 2023 10:12:14 +0000
ROA not before: Sun 26 Feb 2023 10:12:14 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:8d:35:71:b2:e0:e2:87:6a:bd:99:53:ca:29:fb:b4:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Feb 26 10:12:14 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=826367f05a96924a377c6d064345c63f71f80e5f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:b4:b5:ba:20:05:32:ae:4a:f9:57:8c:63:5a:
8c:ec:29:3c:43:f0:66:33:81:fd:1f:14:2b:cb:73:
a2:79:2a:1d:7c:fd:29:ae:7a:6e:e7:02:10:32:60:
08:24:08:a8:f3:40:a1:a5:74:49:c5:b3:3a:c4:06:
86:45:98:53:3c:c9:69:f3:23:c3:7f:f9:c3:c7:17:
3c:2d:f5:9c:61:4f:74:fe:8a:c1:82:18:1c:cc:95:
86:c8:68:6b:2e:42:c1:f0:40:bc:16:4c:24:9e:e0:
10:d7:fd:80:ee:10:6e:5c:05:e5:9d:fd:6c:d7:17:
eb:fb:3c:2e:b1:98:4f:f1:71:18:3f:b3:a5:6d:ab:
71:01:ed:c2:bb:19:9f:64:82:ee:a4:ee:e0:ab:de:
06:bc:6c:a8:6e:30:eb:50:10:91:3b:c3:96:6a:87:
44:c9:aa:00:21:2b:20:77:91:a0:22:99:ef:5b:6b:
b3:5d:9d:d2:ae:2f:0d:93:da:1a:ea:94:e8:48:6f:
5e:60:d5:2a:c2:93:d3:64:29:06:76:97:53:75:e7:
ca:52:3c:06:d6:a2:c3:85:0d:e1:5d:2d:df:1e:91:
b9:5b:f5:fd:cf:73:b4:e1:ce:d9:11:9a:05:bc:dc:
48:6d:25:4a:68:45:c3:86:ba:c4:df:ef:9e:82:ab:
e3:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:63:67:F0:5A:96:92:4A:37:7C:6D:06:43:45:C6:3F:71:F8:0E:5F
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/gmNn8FqWkko3fG0GQ0XGP3H4Dl8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
6d:9a:09:96:8b:46:b3:90:7e:9a:67:c6:5d:5a:c5:9c:90:eb:
38:d0:96:0f:c2:49:af:14:fc:07:a8:51:c5:a5:b7:42:3f:2b:
7c:9d:ff:3f:0d:e8:f4:a9:98:45:f4:a7:95:7c:d3:05:f6:46:
2a:7f:71:06:22:eb:71:93:23:29:ad:b2:10:92:c9:85:91:51:
61:a5:0a:77:d2:cf:cb:ee:41:cd:d7:e8:f0:cc:af:e8:78:79:
b1:b6:5f:8a:02:0f:d1:bf:0b:35:38:ce:44:5c:4c:fe:4c:23:
d1:d6:f3:86:f6:c6:b3:7b:ac:93:7c:a4:e7:5d:55:4b:ad:45:
7e:94:49:19:a5:7b:fe:55:a2:16:51:2e:86:64:6b:c9:f7:9b:
f7:27:6a:be:f8:b1:3b:c0:83:79:f5:70:79:41:36:c0:9c:11:
ff:fd:74:a4:64:e7:92:e4:78:d2:0f:29:82:73:68:3d:98:19:
db:9e:c6:ef:1d:4e:83:33:97:55:32:d5:e1:4e:9b:71:2a:66:
12:e9:59:84:ef:b0:f3:0e:7d:15:7f:1b:38:b8:04:81:fe:b8:
7c:d6:ea:df:1f:2f:bf:e4:7b:40:47:eb:ab:94:91:bd:8f:fe:
6c:ce:bf:44:3f:08:47:1c:c9:45:2f:11:bd:d5:21:04:fb:62:
23:8b:9a:b9
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYaNNXGy4OKHar2ZU8op+7SKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMjI2MTAxMjE0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MjYzNjdmMDVhOTY5MjRhMzc3YzZkMDY0MzQ1YzYzZjcxZjgwZTVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkbS1uiAFMq5K+VeMY1qM7Ck8Q/Bm
M4H9HxQry3OieSodfP0prnpu5wIQMmAIJAio80ChpXRJxbM6xAaGRZhTPMlp8yPD
f/nDxxc8LfWcYU90/orBghgczJWGyGhrLkLB8EC8FkwknuAQ1/2A7hBuXAXlnf1s
1xfr+zwusZhP8XEYP7OlbatxAe3CuxmfZILupO7gq94GvGyobjDrUBCRO8OWaodE
yaoAISsgd5GgIpnvW2uzXZ3Sri8Nk9oa6pToSG9eYNUqwpPTZCkGdpdTdefKUjwG
1qLDhQ3hXS3fHpG5W/X9z3O04c7ZEZoFvNxIbSVKaEXDhrrE3++egqvj8QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIJjZ/BalpJKN3xtBkNFxj9x+A5fMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvZ21ObjhGcVdra28zZkcwR1EwWEdQM0g0RGw4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAG2aCZaLRrOQfppnxl1a
xZyQ6zjQlg/CSa8U/AeoUcWlt0I/K3yd/z8N6PSpmEX0p5V80wX2Rip/cQYi63GT
IymtshCSyYWRUWGlCnfSz8vuQc3X6PDMr+h4ebG2X4oCD9G/CzU4zkRcTP5MI9HW
84b2xrN7rJN8pOddVUutRX6USRmle/5VohZRLoZka8n3m/cnar74sTvAg3n1cHlB
NsCcEf/9dKRk55LkeNIPKYJzaD2YGduexu8dToMzl1Uy1eFOm3EqZhLpWYTvsPMO
fRV/Gzi4BIH+uHzW6t8fL7/ke0BH66uUkb2P/mzOv0Q/CEccyUUvEb3VIQT7YiOL
mrk=
-----END CERTIFICATE-----
Generated at Wed Apr 30 22:02:36 2025 by rpki-client